<?
session_start();
include 'functions.php';

// Check if user has permission to view spec
// Check if it is his spec

$output = json_encode(array("status"=>"error", "message"=>"NOLOGIN"));

$name = mysql_real_escape_string($_POST['name']);
$new_email = mysql_real_escape_string($_POST['email']);
$server = mysql_real_escape_string($_POST['server']);
$character = mysql_real_escape_string($_POST['character']);
$notification = mysql_real_escape_string($_POST['notification']);
if(isset($_POST['notification'])){
	$notification = 'Y';
}else{
	$notification = 'N';
}

if(isset($_SESSION['password']) && isset($_SESSION['email']) && isset($_SESSION['userId'])){
	$password = mysql_real_escape_string($_SESSION['password']);
	$email = mysql_real_escape_string($_SESSION['email']);
	
	$validate = checkUser($email, $password, 1);
	
	if($validate == 1){

		$abfrage = "
				UPDATE ffxivc_users 
				SET
					userName = \"".$name."\"
					,email = \"".$new_email."\"
					,gameServer = \"".$server."\"
					,gameCharacter = \"".$character."\" 
					,notification = \"".$notification."\" 
				WHERE userId = \"".$_SESSION['userId']."\"";
		
		$res = mysql_query($abfrage);
			
		if ($res){
			$_SESSION['userName'] = $name;
			$_SESSION['email'] = $new_email;
			$output = json_encode(array("status"=>"success", "message"=>"UPDATE"));
		}else{
			$output = json_encode(array("status"=>"error", "message"=>mysql_error()));
		}
	}
}

echo $output; 

?>